References:


(a) DoD Directive 5200.28, "Security Requirements for
Automatic Data Processing (ADP) Systems," December
18, 1972

(b) DoD 5200.28-M, "ADP Security Manual," January 1973,
authorized by reference (a)

(c) OMB Circular No. A-71, Transmittal Memorandum No. 1,
"Security of Federal Automated Information Systems,"
July 27, 1978

(d)  through  (m),  see  enclosure  1 


A.  PURPOSE 


This  Directive  establishes  the  DoD  Computer  Security  Evaluation 
Center  (CSEC),  provides  policy,  and  assigns  responsibilities  for  the 
technical  evaluation  of  computer  system  and  network  security,  and 
related  technical  research. 


B.  APPLICABILITY  AND  SCOPE 

1.  This  Directive  applies  to  the  Office  of  the  Secretary  of 
Defense  (OSD),  the  Military  Departments,  the  Organization  of  the 
Joint  Chiefs  of  Staff,  the  Unified  and  Specified  Commands,  and 
the  Defense  Agencies  (hereafter  referred  to  as  "DoD  Components"). 

2.  Its  provisions  govern  the  conduct  of  trusted  computer  system 
evaluation  and  technical  research  activities  within  the  Department 
of  Defense  in  support  of  overall  computer  system  security  evaluation 
and  approval  responsibilities  assigned  to  the  DoD  Components  under 
references (a), (b), (c), DoD Directives 5220.22, and 5400.11
(references (d) and (e)).

C.  DEFINITIONS 


1.  Sensitive/Classified  Information.  Sensitive  information  as 
defined  in  reference  (c),  and  classified  information  as  defined  in 
DoD 5200.1-R (reference (f)).


2. A Trusted Computer System. Employs sufficient hardware and
software integrity measures to allow its use for processing
simultaneously a range of sensitive or classified information.

3. Generic Computer Security Research and Development. Has potential
application over a very broad, generalized basis, and includes experimental
exploration and development of feasible and potentially useful technology,
responsive to a broad class of computer security needs.

D. POLICY

1.  It  is  DoD  policy  to  encourage  the  easy  availability  of  trusted  computer 
systems.  The  establishment  of  the  DoD  CSEC,  the  consolidation  of  generic 
computer  security  research  and  development  (R&D),  the  evaluation  of  computer 
security  systems  and  the  establishment  of  an  Evaluated  Products  List  (EPL)  are 
designed  to  further  this  objective. 

2. The DoD Consolidated Computer Security Program (CCSP) shall include
resources for the operation of the CSEC and for generic computer security
R&D activities in support of DoD Components. The DoD Components are
responsible for DoD Component security research, development, test, and evaluation
(RDT&E) efforts and application-dependent research and development for specific
DoD Component systems.

3. The activities and products of the CSEC, including technical advice
and support, shall complement the established responsibilities of DoD
Components relating to the overall policy, security evaluation, and approval of
computer systems as prescribed in DoD Directive 5200.28, DoD 5200.28-M, OMB
Circular A-71, Directives 5220.22 and 5400.11 (references (a), (b), (c), (d),
and (e)), for the processing, use, and production of sensitive and classified
information.

4. The EPL is not intended to replace prescribed procurement practices in
the acquisition of computers and computer services. The CSEC and EPL are
established to assist procuring activities in evaluating available products;
computer products or services will not be rejected on the basis that the
product or service is not on an EPL.

E.  PROCEDURES 

Procedures for consolidated technical research are at enclosure 2.

F.  RESPONSIBILITIES 

1. The Under Secretary of Defense for Research and Engineering (USDR&E),
or his designee, shall:

a. Provide overall policy direction, guidance, and management
oversight for the CSEC in coordination with the Deputy Under Secretary of Defense
(Policy) (DUSD(P)) and the Assistant Secretary of Defense (Comptroller) (ASD(C)).

b.  Establish  a  steering  committee  composed  of  representatives  of  DoD 
Components  to  review  center  activities  and  recommend  future  directions. 

c. In coordination with the Deputy Assistant Secretary of Defense
(Policy) (DUSD(P)) and the Assistant Secretary of Defense (Comptroller) (ASD(C)),
represent the Secretary of Defense with other government agencies, foreign
governments, the North Atlantic Treaty Organization (NATO), and to the extent
permitted, industry, in trusted computer system evaluation policy matters.
Enter into agreements, if appropriate, consistent with National Disclosure
Policy (reference (g)), with other government agencies, foreign governments,
and NATO.

d.  Establish  an  information  exchange  forum  on  computer  security 
matters  among  DoD  Components. 

2. The Director, National Security Agency (NSA), in cooperation with the
USDR&E, shall:

a.  Establish  and  operate  the  CSEC  as  a  separate  and  unique  entity 
within  the  NSA. 

b.  Program  and  budget  for  CCSP  support  resources  under  procedures 
prescribed  for  the  DoD  planning,  programing,  and  budgeting  processes,  but 
excluding  National  Foreign  Intelligence  Program  funds  controlled  by  the  Director 
of  Central  Intelligence  (DCI)  under  E.O.  12333  (reference  (h)). 

c.  Appoint  a  Director  to  manage  the  CSEC  who  shall: 

(1) Establish and maintain technical standards and criteria for
the evaluation of trusted computer systems that can be incorporated readily
into the DoD Component life-cycle management process (DoD Directives 7920.1,
5000.29, 5000.1, 5000.2 (references (i), (k), (l), (m))). Provide assistance to
the DoD Components in the application of the technical standards and criteria.

(2) Conduct evaluations of selected industry and government-developed
trusted computer systems against these criteria. Request for evaluation
of government-developed computer systems will be from the DoD Component
responsible for the security of the system to be evaluated.

(3)  Maintain  and  publish  an  EPL  of  the  selected  industry  and 
government-developed  trusted  computer  systems  that  is  suitable  for  use  by 
the  DoD  Components. 

(4)  Conduct  and  sponsor  R&D  for  trusted  computer  systems,  and  for 
computer  security  evaluation  and  verification  methods  and  techniques. 

(5) Provide assistance to the DoD Components by conducting
evaluations of selected DoD and DoD contractor trusted computer systems in response
to requests from the DoD Component responsible for the security of the computer
system to be evaluated.

(6)  Serve  as  the  focal  point  for  technical  matters  concerning 
the  use  of  trusted  computer  systems  for  the  protection  of  sensitive  and 
classified  information  and,  in  conjunction  with  DoD  Component  computer  security 
test  and  evaluation  activities,  provide  technical  advice  to  the  DoD  Components. 

(7)  Sponsor  DoD  Component  cooperative  efforts,  public  seminars, 
and  workshops  for  the  purpose  of  technology  transfer. 

(8) Serve as the DoD principal technical point of contact on
trusted computer system matters with other government agencies, industry,
foreign governments, and NATO under the policy guidance of the USDR&E or
designee, consistent with National Disclosure Policy (reference (g)).

(9) Develop and maintain the CCSP, in conjunction with DoD
Components. (See procedures at enclosure 2).

3. Heads of DoD Components, or designees, shall:

a. Make maximum use of the standards, technical criteria, and
evaluations promulgated by the CSEC in meeting their responsibilities for overall
automatic data processing (ADP) system security evaluation, approval, and
maintenance as set forth in DoD Directive 5200.28, DoD 5200.28-M, DoD Directives
5220.22, and 5400.11 (references (a), (b), (d), and (e)).


b. Establish overall ADP security policy for specific types of
sensitive and classified information under their security cognizance, and prescribe
the security procedures and constraints appropriate for the classes of trusted
computer systems as defined in the EPL.

c.  Designate  central  DoD  Component  focal  points  for  interaction  with 
the  CSEC  in  the  development  of  Component  trusted  computer  systems. 

d.  Formulate  jointly  the  CCSP  and  manage  directly  the  execution  of 
their  respective  portions  of  the  CCSP  in  accordance  with  enclosure  2. 

e.  Conduct  RDT&E  to  meet  specific  operational  needs  identified  by 
Component  requirements. 

G.  EFFECTIVE  DATE  AND  IMPLEMENTATION 


This Directive is effective immediately. Forward two copies of implementing
document to the Under Secretary of Defense for Research and Engineering within
120 days.


Deputy  Secretary  of  Defense 


Enclosures  -  2 

1. References

2.  Summary  of  Procedures  for  Consolidated 
Technical  Research 

REFERENCES, continued

(d) DoD Directive 5220.22, "DoD Industrial Security Program," December 8,
1980

(e) DoD Directive 5400.11, "Department of Defense Privacy Program," June 9,
1982

(f) DoD 5200.1-R, "Information Security Program Regulation," August 1982,
authorized by DoD Directive 5200.1, "DoD Information Security Program,"
June 7, 1982

(g) DoD Instruction 5230.17, "Procedures and Standards for Disclosure of
Military Information to Foreign Activities," August 17, 1979

(h) Executive Order 12333, "United States Intelligence Activities," December 4,
1981

(i) DoD Directive 7920.1, "Life Cycle Management of Automated Information
Systems (AIS)," October 17, 1978

(j) DoD Directive 7200.1, "Administrative Control of Appropriations,"
November 15, 1978

(k) DoD Directive 5000.29, "Management of Computer Resources in Major
Defense Systems," April 26, 1976

(l) DoD Directive 5000.1, "Major Systems Acquisition," March 9, 1982

(m) DoD Directive 5000.2, "Major Systems Acquisition Process,"
March 19, 1980

This establishes the procedures for developing the generic computer security
R&D portion of the CCSP, as defined in subsection C.3. of this Directive.
Portions of the CCSP relating solely to the operations of the CSEC are not
included in this summary.

1. Under paragraph F.2.b. of this Directive, the Director, NSA, shall
issue a data call for each fiscal year to the DoD Components for the CCSP.
The data call shall request identification of major tasks and milestones for
that fiscal year.

2. DoD Components shall submit to NSA their proposed projects for generic
computer security R&D in the format prescribed. This shall include a
program-quality technical description, cost estimates, and recommendation for the
execution responsibility, namely, the submitting Component, another Component,
or the CSEC. The CSEC similarly shall prepare its own proposals.

3. The CSEC shall convene the technical review group (TRG) composed of an
identified principal from each DoD Component with participation by the working
level engineering, scientific, communications and data processing personnel of
DoD Components and the CSEC. The purpose and function of this group is to
review the Component submissions for redundancies, completeness, and resource
requirements, and to determine initial priorities. The TRG deliberations are
directed toward an understanding and agreement among all principals of the
nature and scope of the proposed CCSP research and development projects.

4.  The  CSEC  shall  compile  the  TRG-reviewed  projects  and  provide  the  DoD 
Components  a  copy  of  the  draft  program  for  review  and  comment. 

5. The Director, CSEC, shall chair the program working group (PWG) which
is composed of a principal from each DoD Component. The function of the PWG
is to review and refine the priorities for the generic security R&D portion of
the CCSP under published OSD guidance. The PWG shall recommend the generic
computer security R&D program to the Director, NSA. The CSEC shall prepare the
draft consolidated computer security R&D program and provide the Components a
copy for review and comment.

6. The Director, NSA, shall chair the program manager's review group
(PMRG) consisting of representatives from DoD Components, including the
Deputy Assistant Secretary of Defense (Communications, Command, Control,
and Intelligence) and the Deputy Assistant Secretary of Defense (Research
and Advanced Technology) as members, with additional observers, as appropriate.
A formal briefing on the overall CCSP shall be presented to the Director and
this group.

7. The Director, NSA, shall approve the CCSP after considering the changes
or modifications suggested by this review group. This shall constitute the
basis for the CCSP portion of the NSA Program Objectives Memorandum (POM)
submission.

8. Acting upon published guidance and based on the approved CCSP, NSA
shall make the budget submission for the CCSP. The CSEC shall distribute the
CCSP portion of the NSA POM submission to the DoD Components.

9. Before anticipated appropriation, the PWG shall refine further
priorities, confirm execution responsibilities, and identify possible candidates in
the event of program reductions. These actions shall be the basis for
suballocation of funding.

10. Following receipt of obligational authority, NSA shall suballocate
CCSP funds to DoD Components for their approved tasks under DoD Directive
7200.1 (reference (j)). The suballocation process requires that each DoD
Component provide to NSA by the I'ith of each month a status report of
commitments and obligations of the CCSP funds.

INSTRUCTIONS FOR RECIPIENTS


Pen  changes  to  the  following  DoD  Issuances  are  authorized : 


DoD  Issuance  Number  and  Date 

DoD Directive 5000.4, November 24, 1992
Section  E. 

Heading.  Delete  "AND  IMPLEMENTATION" 

Lines 1 through 5. Delete "Implementing documents shall
be  kept  to  a  minimum  as  deemed  appropriate  by  the  DoD 
Component  Acquisition  Executive.  Forward  one  copy  of 
implementing  documents  to  the  Assistant  Secretary  of 
Defense  (Program  Analysis  and  Evaluation)  within  120  days." 

DoD  Directive  5010.10,  Augusts,  1972 
Section  IX. 

Heading.  Delete  "AND  IMPLEMENTATION" 

Lines 2 through 7. Delete "DoD components will revise
their  regulations  and  instructions  as  necessary  to  implement 
this  Directive  and  forward  two  copies  of  implementing 
instructions  to  the  Assistant  Secretary  of  Defense  (Intelligence) 
and  to  the  Assistant  Secretary  of  Defense  (Manpower  and 
Reserve  Affairs)  within  90  days." 

DoD  Instruction  5010.34,  August  4, 1975 
Section  VII. 

Heading.  Delete  "AND  IMPLEMENTATION" 

Lines  1  through  5.  Delete  "and  will  be  promptly  implemented 
in  conjunction  with  DoD  Directive  5010.31  (reference  (a)).  DoD 
Components  shall  forward  four  copies  of  their  implementing 
documents  to  the  Assistant  Secretary  of  Defense  (Installations  and 
Logistics)  within  90  days." 

INSTRUCTIONS FOR RECIPIENTS (continued)


DoD Issuance Number and Date    Change Number

DoD Instruction 5010.39, November 16, 1984    Change 1
Section H.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward one copy of
implementing documents to the Assistant Secretary of Defense
(Manpower, Installations, and Logistics) within 120 days."

DoD Directive 5120.39, April 24, 1980    Change 1
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of implementing
Instructions to the Assistant Secretary of Defense (Manpower,
Reserve Affairs, and Logistics) within 120 days."

DoD Directive 5120.42, May 19, 1977    Change 1
Section I.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of the
implementing instructions to the Assistant Secretary of Defense
(Manpower, Reserve Affairs, and Logistics) within 90 days."

DoD Directive 5132.3, March 10, 1981    Change 1
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of the
implementing documents to the Assistant Secretary of Defense
(International Security Affairs) within 120 days."

DoD Directive 5154.11, September 12, 1988    Change 1
Section F.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of the
implementing documents to the Assistant Secretary of Defense
(Health Affairs) within 60 days."

DoD Directive 5210.2, January 12, 1978    Change 3
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 5. Delete "Forward two copies of the
implementing documents, and any subsequent amendments, to
the Deputy Under Secretary of Defense for Policy within 90 days.
One copy shall be marked to indicate implemented sections,
subsections, paragraphs, and subparagraphs of this Directive."

DoD Issuance Number and Date    Change Number

DoD Instruction 5210.25, May 12, 1983    Change 1
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of the
implementing documents to Deputy Under Secretary of Defense
for Policy within 120 days."

DoD Directive 5210.64, November 6, 1978    Change 1
Section E.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 5. Delete "Forward two copies of the
implementing documents and any subsequent amendments,
to the Assistant Secretary of Defense (Comptroller) within
120 days. Mark one copy to indicate implemented sections,
subsections, paragraphs, and subparagraphs of this Directive."

DoD Instruction 5210.74, June 26, 1985    Change 1
Section H.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 4. Delete "Forward three copies of the
implementing documents to the Assistant Secretary of Defense
for Command, Control, Communications, and Intelligence within
120 days of receipt of this Instruction and the applicable Federal
Acquisition Regulation."

DoD Directive 5210.83, November 15, 1991    Change 1
Section H.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 5. Delete "Forward one copy of the implementing
documents to the Assistant Secretary of Defense for Command,
Control, Communications, and Intelligence within 120 days; forward
one copy of changes to implementing documents within 90 days of
publication."

DoD Directive 5215.1, October 25, 1982    Change 1
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 3. Delete "Forward two copies of the implementing
document to the Under Secretary of Defense for Research and
Engineering within 120 days."

DoD Directive 5500.19, December 6, 1985    Change 1
Section G.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 and 2. Delete "Forward two copies of the implementing
documents to the General Counsel, Department of Defense, within
120 days."

DEPARTMENT OF DEFENSE
DIRECTIVES SYSTEM TRANSMITTAL


INSTRUCTIONS FOR RECIPIENTS (continued)


DoD Issuance Number and Date    Change Number

DoD Directive 5535.4, August 31, 1984    Change 1
Section F.

Heading. Delete "AND IMPLEMENTATION"

Lines 1 through 5. Delete "Component implementation shall
be submitted for approval of the General Counsel, Department
of Defense, within 90 days of the effective date of this Directive.
All component implementing regulations and changes require the
approval of the General Counsel."


EFFECTIVE  DATE 


The  above  pen  changes  are  effective  immediately.  Although  the  pen  changes  remove  the 
requirement  for  DoD  Components  to  issue  implementing  documents,  the  DoD  issuances  are 
directly  applicable  to  all  elements  with  the  Components  and  the  Heads  of  the  DoD  Components 
are  responsible  for  carrying  out  the  DoD  guidance. 


